<?
		
	session_start();
		
	ob_start();
	
	$username = $_POST["textUsername"];
	$password = $_POST["textPassword"];
	
	include('class.mysql.php');
	$mydb = new mysql();
	$connection = $mydb->Connect();
	$sql="select nik,user,password,privilege,full_name,nik_approver,nik_mgr from user where user='$username' and password='$password'";
	//echo "$sql";	
	$query = $mydb->Query($sql);
	$num = $mydb->FetchNum($query);	
	if ($num==0)
		header("Location: index.php?msg=login_failed");
	else {
		$array=$mydb->FetchArray($query);
		extract($array);
		$_SESSION["nik_session"] = $array[0];
		$_SESSION["name_session"] = $array[1];
		$_SESSION["privilege"] = $array[3];	
		$_SESSION["full_name"] = $array[4];	
		$_SESSION["nik_approver"] = $array[5];	
		$_SESSION["nik_mgr"] = $array[6];	
		$_SESSION["old"] = "asdfasdf";
		header('Location: home.php?msg=Welcome '.$_SESSION["full_name"].' to TimeSheetOutsourcing...');
	}
	
	ob_end_flush();
?>
